iPXE
asn1.h
00001 #ifndef _IPXE_ASN1_H
00002 #define _IPXE_ASN1_H
00003 
00004 /** @file
00005  *
00006  * ASN.1 encoding
00007  *
00008  */
00009 
00010 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
00011 
00012 #include <stddef.h>
00013 #include <stdint.h>
00014 #include <assert.h>
00015 #include <time.h>
00016 #include <ipxe/tables.h>
00017 
/** An ASN.1 object cursor
 *
 * A view onto a region of encoded data.  @c data is const and nothing
 * in this header allocates or frees it.  A cursor whose @c len is
 * zero is treated as invalid (see asn1_invalidate_cursor() and
 * asn1_type()).
 *
 * asn1_built() reinterprets a struct asn1_builder as a cursor, so the
 * two structures must keep @c data and @c len at matching offsets.
 */
struct asn1_cursor {
	/** Start of data */
	const void *data;
	/** Length of data, in bytes (ASN1_OID_CURSOR() fills it via sizeof) */
	size_t len;
};
00025 
/** An ASN.1 object builder
 *
 * Must keep @c data and @c len at the same offsets as struct
 * asn1_cursor, since asn1_built() returns a cursor that aliases this
 * structure.
 */
struct asn1_builder {
	/** Data
	 *
	 * This is always dynamically allocated.  If @c data is NULL
	 * while @c len is non-zero, this indicates that a memory
	 * allocation error has occurred during the building process.
	 *
	 * Consequence for callers: a non-zero @c len alone does not
	 * prove that @c data may be dereferenced.  The failure state
	 * must be detected (via the builder functions' return values
	 * or a NULL check) before the bytes are read.
	 */
	void *data;
	/** Length of data */
	size_t len;
};
00038 
/** Maximum (viable) length of ASN.1 length
 *
 * While in theory unlimited, this length is sufficient to contain a
 * size_t.
 *
 * The extra byte matches the long-form length encoding, in which one
 * leading octet gives the number of length octets that follow.  This
 * constant sizes the @c length array in struct asn1_builder_header.
 * NOTE(review): the encoder that fills that array is not in this
 * header; confirm there that it never emits more than this many bytes.
 */
#define ASN1_MAX_LEN_LEN ( 1 + sizeof ( size_t ) )
00045 
/** An ASN.1 header
 *
 * Scratch layout for a type byte followed by an encoded length.  The
 * structure is packed, so no padding can appear between or after the
 * members.
 */
struct asn1_builder_header {
	/** Type */
	uint8_t type;
	/** Length (encoded)
	 *
	 * Fixed-size buffer of ASN1_MAX_LEN_LEN bytes; an encoded
	 * length will normally occupy only part of it.
	 */
	uint8_t length[ASN1_MAX_LEN_LEN];
} __attribute__ (( packed ));
00053 
/*
 * ASN.1 type (identifier octet) values
 *
 * These are single-byte identifiers, comparable with the value that
 * asn1_type() reads from the first byte of a cursor.
 */

/** ASN.1 end
 *
 * Also the value asn1_type() returns for an empty or invalidated
 * cursor.
 */
#define ASN1_END 0x00

/** ASN.1 boolean */
#define ASN1_BOOLEAN 0x01

/** ASN.1 integer */
#define ASN1_INTEGER 0x02

/** ASN.1 bit string */
#define ASN1_BIT_STRING 0x03

/** ASN.1 octet string */
#define ASN1_OCTET_STRING 0x04

/** ASN.1 null */
#define ASN1_NULL 0x05

/** ASN.1 object identifier */
#define ASN1_OID 0x06

/** ASN.1 enumeration */
#define ASN1_ENUMERATED 0x0a

/** ASN.1 UTC time */
#define ASN1_UTC_TIME 0x17

/** ASN.1 generalized time */
#define ASN1_GENERALIZED_TIME 0x18

/** ASN.1 sequence (universal tag 16 with the constructed bit 0x20 set) */
#define ASN1_SEQUENCE 0x30

/** ASN.1 set (universal tag 17 with the constructed bit 0x20 set) */
#define ASN1_SET 0x31

/** ASN.1 implicit tag
 *
 * Context-specific class (0x80), primitive form.  @c number is ORed
 * in without masking or range checking, so it must fit in the low
 * five bits; a larger value would alter the class/constructed bits.
 */
#define ASN1_IMPLICIT_TAG( number) ( 0x80 | (number) )

/** ASN.1 explicit tag
 *
 * Context-specific class with the constructed bit set (0xa0).  The
 * same unchecked-@c number caveat as ASN1_IMPLICIT_TAG() applies.
 */
#define ASN1_EXPLICIT_TAG( number) ( 0xa0 | (number) )

/** ASN.1 "any tag" magic value
 *
 * An all-ones unsigned int, which lies outside the single-byte range
 * that asn1_type() can return from encoded data.
 */
#define ASN1_ANY -1U
00098 
/*
 * OID content-byte encoding helpers
 *
 * Each arc after the first pair is encoded in base 128, most
 * significant group first, with bit 0x80 set on every byte except the
 * last.  The multi-byte helpers expand to a comma-separated list of
 * byte values, so they are only meaningful inside an initialiser list.
 *
 * None of these macros checks its argument: out-of-range values are
 * masked and silently truncated, which would produce a different OID
 * rather than a build error.
 */

/** Initial OID byte
 *
 * Combines the first two arcs into one byte as ( first * 40 ) + second.
 * No range check is applied to either arc.
 */
#define ASN1_OID_INITIAL( first, second ) ( ( (first) * 40 ) + (second) )

/** Single-byte OID value
 *
 * Valid for values up to 127
 */
#define ASN1_OID_SINGLE( value ) ( (value) & 0x7f )

/** Double-byte OID value
 *
 * Valid for values up to 16383
 */
#define ASN1_OID_DOUBLE( value ) \
	( 0x80 | ( ( (value) >> 7 ) & 0x7f ) ), ASN1_OID_SINGLE ( (value) )

/** Triple-byte OID value
 *
 * Valid for values up to 2097151
 */
#define ASN1_OID_TRIPLE( value ) \
	( 0x80 | ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )
00121 
/*
 * RSA public-key and signature algorithm OIDs (arc 1.2.840.113549.1.1)
 *
 * Each macro expands to the comma-separated content bytes of the OID
 * (no type or length byte), for use as an array initialiser that can
 * then be wrapped with ASN1_OID_CURSOR().
 *
 * NOTE(review): this group includes MD5- and SHA-1-based signature
 * identifiers.  Defining an OID here only makes the algorithm
 * nameable; whether such signatures are accepted during verification
 * is decided by code outside this header and should be checked there.
 */

/** ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1) */
#define ASN1_OID_RSAENCRYPTION					\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

/** ASN.1 OID for md5WithRSAEncryption (1.2.840.113549.1.1.4) */
#define ASN1_OID_MD5WITHRSAENCRYPTION				\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 4 )

/** ASN.1 OID for sha1WithRSAEncryption (1.2.840.113549.1.1.5) */
#define ASN1_OID_SHA1WITHRSAENCRYPTION				\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 )

/** ASN.1 OID for sha256WithRSAEncryption (1.2.840.113549.1.1.11) */
#define ASN1_OID_SHA256WITHRSAENCRYPTION			\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 11 )

/** ASN.1 OID for sha384WithRSAEncryption (1.2.840.113549.1.1.12) */
#define ASN1_OID_SHA384WITHRSAENCRYPTION			\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 12 )

/** ASN.1 OID for sha512WithRSAEncryption (1.2.840.113549.1.1.13) */
#define ASN1_OID_SHA512WITHRSAENCRYPTION			\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 13 )

/** ASN.1 OID for sha224WithRSAEncryption (1.2.840.113549.1.1.14) */
#define ASN1_OID_SHA224WITHRSAENCRYPTION			\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 14 )
00163 
/*
 * Digest algorithm OIDs
 *
 * Same expansion form as the other OID macros: a comma-separated list
 * of content bytes with no type or length byte.
 *
 * NOTE(review): MD4, MD5 and SHA-1 are listed alongside the SHA-2
 * family.  These constants only identify the algorithms; any policy
 * that restricts weak digests has to live in the code that consumes
 * the algorithm table, which is not visible in this header.
 */

/** ASN.1 OID for id-md4 (1.2.840.113549.2.4) */
#define ASN1_OID_MD4						\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),	\
	ASN1_OID_SINGLE ( 4 )

/** ASN.1 OID for id-md5 (1.2.840.113549.2.5) */
#define ASN1_OID_MD5						\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),	\
	ASN1_OID_SINGLE ( 5 )

/** ASN.1 OID for id-sha1 (1.3.14.3.2.26) */
#define ASN1_OID_SHA1						\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 14 ),	\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 2 ),		\
	ASN1_OID_SINGLE ( 26 )

/** ASN.1 OID for id-sha256 (2.16.840.1.101.3.4.2.1) */
#define ASN1_OID_SHA256						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 1 )

/** ASN.1 OID for id-sha384 (2.16.840.1.101.3.4.2.2) */
#define ASN1_OID_SHA384						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 2 )

/** ASN.1 OID for id-sha512 (2.16.840.1.101.3.4.2.3) */
#define ASN1_OID_SHA512						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 3 )

/** ASN.1 OID for id-sha224 (2.16.840.1.101.3.4.2.4) */
#define ASN1_OID_SHA224						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 4 )

/** ASN.1 OID for id-sha512-224 (2.16.840.1.101.3.4.2.5) */
#define ASN1_OID_SHA512_224						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 5 )

/** ASN.1 OID for id-sha512-256 (2.16.840.1.101.3.4.2.6) */
#define ASN1_OID_SHA512_256						\
	ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),		\
	ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 6 )
00223 
/*
 * Certificate, extension, key-purpose, signed-data and OCSP OIDs
 *
 * Same expansion form as the other OID macros: a comma-separated list
 * of content bytes with no type or length byte.  These values only
 * let a parser recognise the corresponding attribute or extension;
 * enforcement of key usage, basic constraints and extended key usage
 * is the responsibility of the consuming code, which is not part of
 * this header.
 */

/** ASN.1 OID for commonName (2.5.4.3) */
#define ASN1_OID_COMMON_NAME					\
	ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 4 ),	\
	ASN1_OID_SINGLE ( 3 )

/** ASN.1 OID for id-ce-keyUsage (2.5.29.15) */
#define ASN1_OID_KEYUSAGE					\
	ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ),	\
	ASN1_OID_SINGLE ( 15 )

/** ASN.1 OID for id-ce-basicConstraints (2.5.29.19) */
#define ASN1_OID_BASICCONSTRAINTS				\
	ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ),	\
	ASN1_OID_SINGLE ( 19 )

/** ASN.1 OID for id-ce-extKeyUsage (2.5.29.37) */
#define ASN1_OID_EXTKEYUSAGE					\
	ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ),	\
	ASN1_OID_SINGLE ( 37 )

/** ASN.1 OID for id-kp-codeSigning (1.3.6.1.5.5.7.3.3) */
#define ASN1_OID_CODESIGNING					\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),		\
	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 3 )

/** ASN.1 OID for pkcs-signedData (1.2.840.113549.1.7.2) */
#define ASN1_OID_SIGNEDDATA					\
	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
	ASN1_OID_SINGLE ( 7 ), ASN1_OID_SINGLE ( 2 )

/** ASN.1 OID for id-pe-authorityInfoAccess (1.3.6.1.5.5.7.1.1) */
#define ASN1_OID_AUTHORITYINFOACCESS				\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),		\
	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

/** ASN.1 OID for id-ad-ocsp (1.3.6.1.5.5.7.48.1) */
#define ASN1_OID_OCSP						\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),		\
	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
	ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 )

/** ASN.1 OID for id-pkix-ocsp-basic (1.3.6.1.5.5.7.48.1.1) */
#define ASN1_OID_OCSP_BASIC					\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),		\
	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
	ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 ),		\
	ASN1_OID_SINGLE ( 1 )

/** ASN.1 OID for id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9) */
#define ASN1_OID_OCSPSIGNING					\
	ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),	\
	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),		\
	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 9 )

/** ASN.1 OID for id-ce-subjectAltName (2.5.29.17) */
#define ASN1_OID_SUBJECTALTNAME					\
	ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ),	\
	ASN1_OID_SINGLE ( 17 )
00290 
/** Define an ASN.1 cursor containing an OID
 *
 * Expands to a brace-enclosed initialiser for a struct asn1_cursor.
 *
 * @c oid_value must be an array object, because the length is taken
 * with sizeof.  Passing a pointer would compile but record the size
 * of the pointer instead of the OID, producing a cursor whose length
 * does not match its data.
 */
#define ASN1_OID_CURSOR( oid_value ) {				\
		.data = oid_value,				\
		.len = sizeof ( oid_value ),			\
	}
00296 
/** An ASN.1 OID-identified algorithm
 *
 * Associates an encoded OID with the public-key and/or digest
 * algorithm that it names.
 */
struct asn1_algorithm {
	/** Name */
	const char *name;
	/** Object identifier */
	struct asn1_cursor oid;
	/** Public-key algorithm (if applicable)
	 *
	 * NOTE(review): "if applicable" suggests this is NULL for
	 * entries with no public-key component; callers should test
	 * it before use.  Confirm against the table entries.
	 */
	struct pubkey_algorithm *pubkey;
	/** Digest algorithm (if applicable)
	 *
	 * NOTE(review): presumably NULL for entries with no digest
	 * component; the same caveat as for @c pubkey applies.
	 */
	struct digest_algorithm *digest;
};
00308 
/** ASN.1 OID-identified algorithms
 *
 * Table of struct asn1_algorithm entries named "asn1_algorithms",
 * declared with the __table() macro (not defined in this header;
 * <ipxe/tables.h> is included above).
 */
#define ASN1_ALGORITHMS __table ( struct asn1_algorithm, "asn1_algorithms" )

/** Declare an ASN.1 OID-identified algorithm
 *
 * Marks a definition as an entry in ASN1_ALGORITHMS.
 * NOTE(review): the second argument (01) looks like an ordering key
 * within the table; confirm against the __table_entry() definition.
 */
#define __asn1_algorithm __table_entry ( ASN1_ALGORITHMS, 01 )
00314 
/** An ASN.1 bit string
 *
 * Filled in through the @c bits argument of asn1_bit_string() and
 * asn1_integral_bit_string().  @c data is a const pointer and nothing
 * in this header allocates storage for it.
 *
 * NOTE(review): the structure is packed although it contains a
 * pointer and a size_t; confirm that nothing relies on the natural
 * alignment of these members when their addresses are taken.
 */
struct asn1_bit_string {
	/** Data */
	const void *data;
	/** Length */
	size_t len;
	/** Unused bits at end of data
	 *
	 * NOTE(review): whether the parser bounds this value (a final
	 * byte has at most 7 unused bits) is not visible here.
	 */
	unsigned int unused;
} __attribute__ (( packed ));
00324 
/**
 * Invalidate ASN.1 object cursor
 *
 * Marks the cursor as invalid by zeroing its length.  The data
 * pointer is left unchanged, so only @c len shows that the cursor has
 * been invalidated; asn1_type() will report ASN1_END for it.
 *
 * @v cursor		ASN.1 object cursor
 */
static inline __attribute__ (( always_inline )) void
asn1_invalidate_cursor ( struct asn1_cursor *cursor ) {
	/* Zero length is the only invalid-cursor marker used here */
	cursor->len = 0;
}
00334 
/**
 * Extract ASN.1 type
 *
 * Reads the first byte of the cursor as the type, but only after
 * checking that the cursor holds at least that one byte.  An empty
 * (or invalidated) cursor yields ASN1_END without touching the data.
 *
 * Note that ASN1_END is 0x00, so this return value cannot distinguish
 * an invalid cursor from data whose first byte really is zero.
 *
 * @v cursor		ASN.1 object cursor
 * @ret type		Type, or ASN1_END if cursor is invalid
 */
static inline __attribute__ (( always_inline )) unsigned int
asn1_type ( const struct asn1_cursor *cursor ) {
	const uint8_t *first = cursor->data;

	/* Bounds check precedes the dereference */
	if ( cursor->len < sizeof ( *first ) )
		return ASN1_END;

	return *first;
}
00347 
/**
 * Get cursor for built object
 *
 * Reinterprets the builder as a cursor without copying anything: the
 * returned pointer refers to the builder's own storage.  It is
 * therefore only usable while the builder exists, and it reflects
 * whatever @c data and @c len the builder currently holds.
 *
 * Caveat: struct asn1_builder documents a failure state in which
 * @c data is NULL while @c len is non-zero.  A cursor obtained from a
 * builder in that state has a non-zero length, so asn1_type() would
 * dereference the NULL pointer.  Check for build failure before
 * consuming the cursor.
 *
 * @v builder		ASN.1 object builder
 * @ret cursor		ASN.1 object cursor
 */
static inline __attribute__ (( always_inline )) struct asn1_cursor *
asn1_built ( struct asn1_builder *builder ) {
	/* View the same storage as either a builder or a cursor */
	union {
		struct asn1_builder builder;
		struct asn1_cursor cursor;
	} *u = container_of ( builder, typeof ( *u ), builder );

	/* Sanity check: both views must agree on where data and len
	 * live, otherwise the reinterpretation below would be wrong.
	 * NOTE(review): linker_assert() is defined elsewhere; it is
	 * presumably a build-time check rather than a runtime one.
	 */
	linker_assert ( ( ( const void * ) &u->builder.data ) ==
			&u->cursor.data, asn1_builder_cursor_data_mismatch );
	linker_assert ( &u->builder.len == &u->cursor.len,
			asn1_builder_cursor_len_mismatch );

	return &u->cursor;
}
00369 
/*
 * Out-of-line ASN.1 routines
 *
 * Only the prototypes are visible here, so the notes below are
 * limited to what the signatures show.  Every function returns int.
 * NOTE(review): presumably a status code that callers must check
 * before using any output parameter; confirm the convention in the
 * implementation.
 */

/* Take a modifiable cursor, so they are able to change the caller's
 * cursor (data pointer and/or length).
 */
extern int asn1_start ( struct asn1_cursor *cursor, unsigned int type,
			size_t extra );
extern int asn1_enter ( struct asn1_cursor *cursor, unsigned int type );
extern int asn1_skip_if_exists ( struct asn1_cursor *cursor,
				 unsigned int type );
extern int asn1_skip ( struct asn1_cursor *cursor, unsigned int type );
extern int asn1_shrink ( struct asn1_cursor *cursor, unsigned int type );
extern int asn1_enter_any ( struct asn1_cursor *cursor );
extern int asn1_skip_any ( struct asn1_cursor *cursor );
extern int asn1_shrink_any ( struct asn1_cursor *cursor );

/* Take a const cursor: the cursor itself is not modified; results are
 * delivered through the return value or an output pointer.
 * NOTE(review): asn1_integer() stores into a plain int; how encoded
 * integers wider than int are handled is not visible here.
 */
extern int asn1_boolean ( const struct asn1_cursor *cursor );
extern int asn1_integer ( const struct asn1_cursor *cursor, int *value );
extern int asn1_bit_string ( const struct asn1_cursor *cursor,
			     struct asn1_bit_string *bits );
extern int asn1_integral_bit_string ( const struct asn1_cursor *cursor,
				      struct asn1_bit_string *bits );
extern int asn1_compare ( const struct asn1_cursor *cursor1,
			  const struct asn1_cursor *cursor2 );

/* Return a struct asn1_algorithm through @c algorithm.
 * NOTE(review): presumably a pointer into the ASN1_ALGORITHMS table;
 * the pubkey/digest members of the result are "if applicable" and
 * should be checked before use.
 */
extern int asn1_algorithm ( const struct asn1_cursor *cursor,
			    struct asn1_algorithm **algorithm );
extern int asn1_pubkey_algorithm ( const struct asn1_cursor *cursor,
				   struct asn1_algorithm **algorithm );
extern int asn1_digest_algorithm ( const struct asn1_cursor *cursor,
				   struct asn1_algorithm **algorithm );
extern int asn1_signature_algorithm ( const struct asn1_cursor *cursor,
				      struct asn1_algorithm **algorithm );
extern int asn1_generalized_time ( const struct asn1_cursor *cursor,
				   time_t *time );

/* Operate on a builder.  Per struct asn1_builder, an allocation
 * failure leaves @c data NULL with a non-zero @c len, so a failed
 * call must not be followed by reads of the built data.
 */
extern int asn1_grow ( struct asn1_builder *builder, size_t extra );
extern int asn1_prepend_raw ( struct asn1_builder *builder, const void *data,
			      size_t len );
extern int asn1_prepend ( struct asn1_builder *builder, unsigned int type,
			  const void *data, size_t len );
extern int asn1_wrap ( struct asn1_builder *builder, unsigned int type );
00404 
00405 #endif /* _IPXE_ASN1_H */